Diagram:
So we decided to go with a new core for our new openstack environment. Going with dense supermicros so needed a lot of ports.
N7K is our current core and most production stuff working on. The Juniper core is all fiber and in a virtual chassis (VC) and is the default gateway for our openstack provider networks. Then we have another VC for management ports (copper). So we have a N7010, QFX5110-S and QFX5100-T.
L3 /30s between nexus and juniper core, then a l3/l2 connection between both Junipers.
Anything directly connected to the fiber (middle switch) we can ping from anywhere no issues. However, the moment we plug something up to the copper switch, it can't ping end hosts. So have Host A (10.210.0.45) talking to Host B (10.1.20.149). I can ping sourcing as the IRB and ping 10.1.20.149 just fine.
root@DC-JNP-MGMT01> ping source 10.210.0.5 10.1.20.149 PING 10.1.20.149 (10.1.20.149): 56 data bytes 64 bytes from 10.1.20.149: icmp_seq=0 ttl=62 time=68.270 ms 64 bytes from 10.1.20.149: icmp_seq=1 ttl=62 time=22.110 ms 64 bytes from 10.1.20.149: icmp_seq=2 ttl=62 time=22.114 ms
However, the host itself can't do that. I run a traceroute, but I can't get to the Cisco. It dies at the L3 interface on the Juniper facing the N7K.
root@DC-JNP-MGMT01> traceroute source 10.210.0.5 10.1.20.149 traceroute to 10.1.20.149 (10.1.20.149) from 10.210.0.5, 30 hops max, 40 byte packets 1 10.80.22.1 (10.80.22.1) 13.323 ms 12.932 ms 12.825 ms 2 172.16.42.94 (172.16.42.94) 1.911 ms 1.937 ms 1.753 ms 3 * * 10.1.0.0/16 *[OSPF/10] 04:45:10, metric 42 to 10.210.0.1 via irb.2100 > to 10.80.22.1 via irb.822
Tried doing static and OSPF back to core, no dice.
10.1.0.0/16 *[Static/5] 04:18:45 > to 172.16.42.94 via xe-0/0/0.0 [OSPF/10] 04:18:05, metric 41 to 172.16.42.98 via xe-1/0/1.0 > to 172.16.42.94 via xe-0/0/0.0
Spent four hours on JTAC call and he said it should work but it doesn't. I tried just a L2 between both junipers, only l3, and mix of both currently and nothing works. I am about to lose my mind.
No comments:
Post a Comment